search

bargenson / docker-filebeat

A docker image using the Docker API to collect and ship containers logs to Logstash
142 stars 74 forks source link

Support for SSL certificates #10

Open kenkendk opened 7 years ago

kenkendk commented 7 years ago

I really like the idea, but for me to deploy something like this, I need to specify the SSL options.

Both the CA, the client cert and client key needs to be configureable.

arikin commented 6 years ago

This is possible through docker configuration. Simply bind the settings you need to a volume. Example in docker-compose for the ELK container:

version: '3'

services:

  elk:
    image: sebp/elk
    container_name: elk
    restart: always
    ports:
      - '5601:5601'
      - '9200:9200'
      - '5044:5044'
    volumes:
      - elklogstashconf:/etc/logstash/conf.d/

volumes:
  elklogstashconf:

Then you can edit those in the default volume location on the host. vim /var/lib/docker/volumes/kibana_elklogstashconf/_data/02-beats-input.conf This could also be done with this filebeat container but you mentioned the SSL settings for beat input.

If you want to put your own certs (from your own elk server) into this filebeat container change the docker-compose.yml

version: '3'

services:

  filebeat:
    image: bargenson/filebeat
    container_name: filebeat
    environment:
      LOGSTASH_HOST: elk.domain
      LOGSTASH_PORT: 5044
      SHIPPER_NAME: myshipper
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock
      - pkiclient:/etc/pki/client/
    restart: always

volumes:
  pkiclient:

Then you put the cert.pem and cert.key into that volume.

cp -p mycert.pem /var/lib/docker/volumes/filebeat_pkiclient/_data/cert.pem
cp -p mycert.key /var/lib/docker/volumes/filebeat_pkiclient/_data/cert.key

The names have to be cert.pem and cert.key.